Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CE25CD2F2CE11EFB0B18860762E951A.roa
File: 2CE25CD2F2CE11EFB0B18860762E951A.roa (raw, json)
Hash identifier: Yh33MMFEnerpvwzfZpvAsZLfu/So6VmQ+7jU6NURboY=
Subject key identifier: E2:CB:20:16:22:39:A4:11:06:24:86:79:A0:69:21:11:D0:A6:34:AF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015C7A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CE25CD2F2CE11EFB0B18860762E951A.roa
Signing time: Mon 24 Feb 2025 16:41:20 +0000
ROA not before: Mon 24 Feb 2025 16:41:17 +0000
ROA not after: Sat 29 Mar 2025 16:41:17 +0000
asID: 203020
IP address blocks: 154.223.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89210 (0x15c7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 24 16:41:17 2025 GMT
Not After : Mar 29 16:41:17 2025 GMT
Subject: CN=67bca130-6888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a5:b5:b6:db:5e:27:17:1b:03:c5:d8:0d:e1:
24:a7:fd:f3:f7:98:c2:1e:c0:57:f1:8d:41:47:4d:
2c:3d:3b:38:52:e2:cb:e8:ff:46:cc:a6:2a:4d:e8:
ff:53:59:be:37:94:b4:4d:e1:26:a0:6f:19:12:ac:
2c:c2:ea:0a:82:cc:e2:03:c5:9f:d5:b9:87:79:cf:
a6:13:d6:8c:82:70:55:7e:26:f3:c1:f2:5a:94:79:
15:d9:11:2b:b0:b2:f3:e6:cb:30:21:26:8f:5a:ea:
15:b6:4a:d7:15:6f:78:d2:0f:4b:d1:db:7c:af:48:
89:6a:23:91:dc:25:3f:d2:96:15:88:1d:a8:a2:c7:
1b:ef:84:22:b6:0e:22:34:ca:5e:4c:75:b3:46:cb:
2a:3a:91:64:19:db:e6:fa:37:8e:af:af:d4:f4:5a:
31:c6:76:94:91:43:da:6b:0b:05:56:ab:56:4a:f7:
51:f3:ab:ec:f8:ef:69:99:b1:54:91:4b:2e:0c:b6:
15:6a:ef:4c:63:89:99:13:43:59:78:8f:4e:8f:2c:
05:91:14:da:52:75:8c:6c:64:5b:1a:90:97:8b:f5:
e6:54:cc:56:28:b7:90:9c:62:eb:09:77:35:ee:d3:
90:61:08:f7:88:d8:41:82:e6:0e:a6:3e:6c:41:7c:
ba:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CB:20:16:22:39:A4:11:06:24:86:79:A0:69:21:11:D0:A6:34:AF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CE25CD2F2CE11EFB0B18860762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.174.0/24
Signature Algorithm: sha256WithRSAEncryption
04:7d:3c:39:50:e9:78:4b:8d:4b:c5:c5:c0:fb:07:f3:a1:ba:
61:65:75:d0:c5:f1:35:2c:d1:27:d6:32:b0:43:80:a2:7a:6c:
4d:43:71:12:1b:05:ba:b4:a9:43:6e:8d:1e:7b:14:f9:64:1e:
4f:ce:1a:52:fa:fe:11:42:55:71:50:7c:ef:b0:ee:6d:c4:af:
ea:47:e4:33:5e:28:21:83:ed:56:10:49:c0:cc:07:d1:82:7a:
60:d8:31:f3:f9:d9:2e:a0:df:68:24:df:52:c5:bd:4d:0c:54:
dc:51:24:b1:09:be:08:ff:b1:af:ab:70:eb:97:8f:ec:e3:5b:
3d:76:cb:7c:ce:5f:3c:d9:90:39:64:47:00:a4:08:07:7d:ae:
c1:08:ce:c8:0e:12:9e:ac:15:e4:76:2a:85:51:e3:57:ab:2d:
ed:c6:ea:32:e8:9f:8e:75:ba:09:f1:06:c1:5d:2b:ab:6b:7d:
96:f1:bb:ed:33:36:f6:f8:a8:02:e0:45:93:b3:a3:b3:cc:de:
74:ef:51:61:1c:70:88:a3:78:ca:c3:40:c4:6a:67:09:5c:b1:
cf:f0:e5:0e:9d:b9:57:b1:da:3c:85:70:5d:b2:54:ef:eb:9a:
e0:96:08:92:73:e3:27:2c:19:88:bb:a3:14:69:c2:5d:48:52:
4d:6b:43:89
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVx6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTY0MTE3WhcNMjUwMzI5MTY0MTE3WjAYMRYw
FAYDVQQDEw02N2JjYTEzMC02ODg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0qW1ttteJxcbA8XYDeEkp/3z95jCHsBX8Y1BR00sPTs4UuLL6P9GzKYq
Tej/U1m+N5S0TeEmoG8ZEqwswuoKgsziA8Wf1bmHec+mE9aMgnBVfibzwfJalHkV
2RErsLLz5sswISaPWuoVtkrXFW940g9L0dt8r0iJaiOR3CU/0pYViB2ooscb74Qi
tg4iNMpeTHWzRssqOpFkGdvm+jeOr6/U9FoxxnaUkUPaawsFVqtWSvdR86vs+O9p
mbFUkUsuDLYVau9MY4mZE0NZeI9OjywFkRTaUnWMbGRbGpCXi/XmVMxWKLeQnGLr
CXc17tOQYQj3iNhBguYOpj5sQXy6VQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOLL
IBYiOaQRBiSGeaBpIRHQpjSvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0UyNUNEMkYyQ0UxMUVGQjBCMTg4NjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+uMA0GCSqGSIb3DQEB
CwUAA4IBAQAEfTw5UOl4S41LxcXA+wfzobphZXXQxfE1LNEn1jKwQ4CiemxNQ3ES
GwW6tKlDbo0eexT5ZB5PzhpS+v4RQlVxUHzvsO5txK/qR+QzXighg+1WEEnAzAfR
gnpg2DHz+dkuoN9oJN9Sxb1NDFTcUSSxCb4I/7Gvq3Drl4/s41s9dst8zl882ZA5
ZEcApAgHfa7BCM7IDhKerBXkdiqFUeNXqy3txuoy6J+OdboJ8QbBXSura32W8bvt
Mzb2+KgC4EWTs6OzzN5071FhHHCIo3jKw0DEamcJXLHP8OUOnblXsdo8hXBdslTv
65rglgiSc+MnLBmIu6MUacJdSFJNa0OJ
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:08:34 2025 by rpki-client